Skill Self Evolution Enhancer

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about adding self-evolution to other skills, but it can persistently rewrite skill behavior and overwrite evolution files without enough user control.

Install only if you intentionally want a tool that modifies other skills so they learn from future feedback. Use the script's --dry-run mode first, back up or diff the target skill before applying changes, avoid running it on third-party skills you do not control, and add SOUL.md or AGENTS.md snippets only when you want workspace-level behavior changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence: 87%
Finding
The README instructs users to generate .learnings/ and EVOLUTION.md inside a target skill, which implies creating or modifying files in user-controlled locations, but it does not clearly warn about those side effects or advise review before writing. In a skill that operates on arbitrary skill paths, unclear disclosure increases the risk of unintended workspace changes, overwriting existing files, or surprising modifications to third-party content.

Vague Triggers

Medium
Confidence: 86%
Finding
The skill instructs adding generic fallback triggers such as broad correction phrases, which can cause routine user feedback to be logged and operationalized as evolution signals even when the user did not intend to modify long-term behavior. In a self-evolving skill, this increases the chance of spurious learning, rule drift, and unintended promotion of low-quality or conflicting patterns across future uses.

Natural-Language Policy Violations

Medium
Confidence: 80%
Finding
Mandating language inference from the target skill forces output language selection without explicit user choice, which can mis-handle multilingual contexts and cause generated evolution artifacts to be inaccessible or inappropriate for the actual operator. Because this skill creates persistent files and operating instructions for other skills, a wrong inferred language can propagate misunderstandings and unsafe edits over time.

Vague Triggers

Medium
Confidence: 94%
Finding
The template defines highly generic learning and error triggers such as user corrections, better approaches, unexpected behavior, and missing capabilities, without requiring strong scoping or validation. In a self-evolution skill, this can cause over-collection of feedback and unintended activation of learning workflows, leading to persistent policy drift or accidental promotion of weak rules into future behavior.

Vague Triggers

Medium
Confidence: 89%
Finding
The guidance for sparse skills explicitly recommends adding generic activation triggers like '用户纠正' and '操作失败', which can cause the self-evolution workflow to activate in many unrelated situations. In a skill that writes learnings or modifies evolution artifacts, broad triggers increase the chance of unintended logging, noisy feedback loops, and over-application of self-modification behavior.

Vague Triggers

Medium
Confidence: 84%
Finding
The activation condition 'After suggesting optimization steps' is underspecified and can be interpreted as activating automatically after any recommendation, regardless of user feedback or outcome. In a self-evolving skill, this ambiguity can lead to premature learning/error logging and unnecessary evolution actions based on incomplete evidence.

Natural-Language Policy Violations

Medium
Confidence: 81%
Finding
Mandating that all output be generated in the language inferred from SKILL.md removes explicit user choice and may cause the system to ignore the user's current language preference. This can degrade transparency, produce unusable remediation or safety content for the user, and create control-flow issues where inferred metadata overrides live user instructions.

VirusTotal

65/65 vendors flagged this skill as clean.